And today, another sign of the hack’s full cost: Target says its coming second-quarter results will include $148 million in expenses related to the breach. It will get back $38 million of that via an insurance payout, but it’s still enough to be a drag on results. Via Target’s statement, emphasis ours:

During fourth quarter 2013, Target experienced a data breach in which an intruder gained unauthorized access to its network and stole certain payment card and other guest information. In second quarter 2014, the Company expects to record gross breach-related expenses of $148 million, partially offset by the recognition of a $38 million insurance receivable.